Author

Topic: Ecommerce SaaS: If we add support for Bitcoin, are we increasing our liability? (Read 5369 times)

full member
Activity: 238
Merit: 100
Im sure silk road will never register as a corporation  Smiley
legendary
Activity: 2506
Merit: 1010
  • Require a signed document or some similar process to ensure our terms of service is understood and will be followed.

Copy and paste?
 - https://bitpay.com/terms
full member
Activity: 165
Merit: 102
Live life on purpose
Another thought: Are your customers selling through their own websites? Identity verification of businesses on the web is traditionally supposed to be done as part of the SSL certification process. For example, you might require people without validated merchant accounts to have a certain kind of SSL certificate (probably Extended Validation). That way they're mostly going through checks that they had to go through anyway, and you can check that they're verified automatically by looking at their certificate.

That's an excellent idea. Thanks!

And yes, it's mostly arse covering and trying to avoid any increased liability accepting Bitcoin could create. Based on some of the other posts in this category, it seems the laws are still being discussed and/or written. With new ground comes new risk.

But with risk also comes reward.
sr. member
Activity: 352
Merit: 250
https://www.realitykeys.com
It would help if you could tell us a bit more about specifically what the merchant account provider is checking for you, and what that protects you against. But based on my best guess:

If your merchant account provider is giving you some kind of meaningful protection against sign-ups by people intent on illegal activity, can't you continue requiring vendors to set up a merchant account, but let them accept payments with Bitcoin too once they've done that?

Another thought: Are your customers selling through their own websites? Identity verification of businesses on the web is traditionally supposed to be done as part of the SSL certification process. For example, you might require people without validated merchant accounts to have a certain kind of SSL certificate (probably Extended Validation). That way they're mostly going through checks that they had to go through anyway, and you can check that they're verified automatically by looking at their certificate.

PS. I strongly suspect that in practice both the merchant account checks and the SSL certification procedures are fairly useless at combating people determined to commit illegal activity, but it sounds like you're mostly looking for an arse-covering strategy?
full member
Activity: 165
Merit: 102
Live life on purpose
How can you be more liable than a politician? There was a politician that accepted bitcoins..... they basically just told him to ask for the name that's all. I would say
Request to know the name
record IP
treat it like cash for tax purposes

But I'm not a lawyer...  (there is also a legal subsection)

wish you the best.

Thanks notig. Sorry about posting in the wrong place, I didn't notice the Legal sub section. Glad to know I can move topics myself. Smiley

That's an interesting analogy. Are you referring to this post about the New Hampshire Deputy Sec. of State? https://bitcointalksearch.org/topic/new-hampshire-deputy-secretary-of-state-recognizes-bitcoin-contributions-104544

The concern I have is ongoing illegal activity. Sure, an individual donation could be illegal, but probably won't get noticed. If ongoing sales are happening, that will probably draw the attention of law enforcement who may think we're empowering them to do their thing. We may have the same protection as ISPs and similar service providers, but it's all new territory for me, so I'm asking questions, learning daily.
sr. member
Activity: 294
Merit: 250
How can you be more liable than a politician? There was a politician that accepted bitcoins..... they basically just told him to ask for the name that's all. I would say
Request to know the name
record IP
treat it like cash for tax purposes

But I'm not a lawyer...  (there is also a legal subsection)

wish you the best.
full member
Activity: 165
Merit: 102
Live life on purpose
My business partner and I were talking about this today, and I wanted your feedback. We're both new to Bitcoin and are getting excited about the possibility of adding Bitcoin support to our ecommerce software as a service (FoxyCart.com). One concern we have: What prevents someone from doing illegal activities through our platform using Bitcoin?

Currently we benefit greatly from the merchant account provider who approves or denies the merchant. If someone wants to user our service, they have to have a live merchant account to collect payment. This helps ensure the users of our system are right inline with our terms of service because of the merchant account provider's approval process.

If we were to support Bitcoin directly or through a service like Bitpay, what protection would we have? What would prevent someone from signing up and selling illegal things on our platform since they are basically anonymous?

Here are some possible solutions I can think of, but please add some of your own as well:

  • Charge a premium for stores who want to use Bitcoin payments exclusively and use the extra fees to manually vet and periodically check up on each merchant to ensure everything being sold is legal (this assumes no password-protected areas of their site).
  • Do our own identity validation service (much like mtgox) to ensure we have valid identification for the merchant so if there are any illegal activities going on and we get subpoenaed, we can point to a real person.
  • Require a signed document or some similar process to ensure our terms of service is understood and will be followed.
  • Rely on the checkbox they clicked and hope for the best.

I'm having trouble coming up with more solutions. Addressing these concerns could help bring Bitcoin well beyond the hacker community into mainstream every day life. We want to help with that, but we also have to protect our company and users. At the very least, accepting Bitcoin means a second look at our business insurance and a long talk with our lawyers.

We'd love to hear your thoughts on this.
Jump to: